Certificate

$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IFYQcyy9sNg0hH8rk6CgyrD9XfQ.cer
File:                     IFYQcyy9sNg0hH8rk6CgyrD9XfQ.cer (raw, json)
Hash identifier:          VBCq0tkbQP0wprYRowUa5T3xIl0poDF9LBHiXc86FEk=
Subject key identifier:   20:56:10:73:2C:BD:B0:D8:34:84:7F:2B:93:A0:A0:CA:B0:FD:5D:F4
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer:       /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial:       01D56C
Authority info access:    rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest:                 rsync://rpki.apnic.net/member_repository/A912A2F7/CB4BDD74F4D411E9B8D9A145C4F9AE02/IFYQcyy9sNg0hH8rk6CgyrD9XfQ.mft
caRepository:             rsync://rpki.apnic.net/member_repository/A912A2F7/CB4BDD74F4D411E9B8D9A145C4F9AE02/
Notify URL:               https://rrdp.apnic.net/notification.xml
Certificate not before:   Sun 31 Dec 2023 19:00:11 +0000
Certificate not after:    Wed 01 May 2024 00:00:00 +0000
Subordinate resources:    AS: 137279
                          IP: 2404:3180::/32

Validation:               Failed, certificate revoked on Mon 19 Feb 2024 13:19:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 120172 (0x1d56c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
        Validity
            Not Before: Dec 31 19:00:11 2023 GMT
            Not After : May  1 00:00:00 2024 GMT
        Subject: CN=A912A2F7/serialNumber=205610732CBDB0D834847F2B93A0A0CAB0FD5DF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:5a:20:68:51:68:27:5a:38:81:a4:d8:97:4d:
                    fb:34:a5:6c:a5:08:86:bb:9a:40:61:4a:24:35:01:
                    fc:d2:f1:5d:1e:34:cd:72:96:0f:10:57:10:4d:32:
                    6a:bd:39:56:9a:4b:ab:f9:be:7d:7e:cc:ae:eb:4d:
                    92:e5:09:f6:48:aa:8c:c9:be:37:1f:f2:d7:d5:57:
                    a9:c8:ed:0f:d6:c5:1b:b3:6a:70:ab:01:50:c3:6c:
                    54:9b:45:75:c6:f1:0d:aa:ba:f7:1e:21:a7:d4:57:
                    8b:37:fa:f1:98:eb:3e:a1:ab:9d:8b:a7:e5:e5:76:
                    55:dd:81:05:8b:9f:24:1f:90:78:da:8c:91:1a:83:
                    2d:d3:32:7c:f8:21:50:3a:12:98:5f:4b:87:e9:6f:
                    95:0f:3f:73:ac:4d:56:72:93:ab:5b:fc:40:a1:0a:
                    21:95:25:6a:f2:6d:0c:b4:ec:c2:63:63:72:90:35:
                    29:d9:68:3a:39:06:42:1a:32:d9:45:e6:4d:a3:2f:
                    83:96:39:08:45:c0:7a:96:96:61:b5:6c:61:21:90:
                    ce:78:58:ad:d2:c2:f6:66:d8:74:b2:34:d5:a5:6c:
                    38:8f:00:8b:96:76:3d:19:98:df:38:fb:db:07:95:
                    66:1e:4b:fd:98:04:a5:1c:d6:dd:ca:33:85:45:73:
                    37:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:56:10:73:2C:BD:B0:D8:34:84:7F:2B:93:A0:A0:CA:B0:FD:5D:F4
            X509v3 Authority Key Identifier:
                keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                CA Repository - URI:rsync://rpki.apnic.net/member_repository/A912A2F7/CB4BDD74F4D411E9B8D9A145C4F9AE02/
                RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A912A2F7/CB4BDD74F4D411E9B8D9A145C4F9AE02/IFYQcyy9sNg0hH8rk6CgyrD9XfQ.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  137279

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:3180::/32

    Signature Algorithm: sha256WithRSAEncryption
         5a:29:2e:74:23:ec:0a:83:75:1c:4b:76:d0:5b:79:41:87:81:
         94:c8:44:c3:8e:5c:2b:ed:df:a6:5d:dd:ea:cb:2c:49:6f:05:
         db:70:1a:c5:de:26:bf:df:a7:de:b6:cd:05:ac:16:09:1d:ff:
         9d:de:8e:3e:9c:81:f8:9c:c4:5b:56:42:69:6e:31:05:82:e6:
         a6:93:c1:75:9b:c2:95:15:8c:e5:05:8f:8b:aa:3c:0e:01:40:
         af:92:4e:a5:0f:1a:16:7b:9d:88:57:20:e4:3c:b9:a2:66:12:
         5e:10:72:c6:99:04:6f:57:c5:fc:74:bb:97:10:80:a8:f4:e1:
         25:56:74:06:88:1f:62:cc:fa:57:25:c5:4b:3a:d8:b3:8f:43:
         d3:b7:3c:2c:8c:af:98:99:31:94:5c:65:83:3f:d1:7d:1a:a7:
         22:0a:ed:b1:72:3e:b9:9c:1a:74:5d:db:49:36:46:59:87:83:
         7e:cd:b6:10:85:1a:d8:25:0e:48:d8:5b:a3:08:6e:26:65:23:
         c3:b7:3f:70:6c:bd:d9:43:bb:38:e3:bc:be:4a:2a:4e:2d:12:
         59:e2:8f:b5:ec:b1:6c:06:87:9a:85:bf:8e:85:de:29:30:7b:
         13:75:0d:88:bf:1b:13:eb:f0:d4:a0:b1:40:5b:67:79:ef:b4:
         31:73:ca:27
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgIDAdVsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTIzMTIzMTE5MDAxMVoXDTI0MDUwMTAwMDAwMFowRjERMA8G
A1UEAxMIQTkxMkEyRjcxMTAvBgNVBAUTKDIwNTYxMDczMkNCREIwRDgzNDg0N0Yy
QjkzQTBBMENBQjBGRDVERjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDXWiBoUWgnWjiBpNiXTfs0pWylCIa7mkBhSiQ1AfzS8V0eNM1ylg8QVxBNMmq9
OVaaS6v5vn1+zK7rTZLlCfZIqozJvjcf8tfVV6nI7Q/WxRuzanCrAVDDbFSbRXXG
8Q2quvceIafUV4s3+vGY6z6hq52Lp+XldlXdgQWLnyQfkHjajJEagy3TMnz4IVA6
EphfS4fpb5UPP3OsTVZyk6tb/EChCiGVJWrybQy07MJjY3KQNSnZaDo5BkIaMtlF
5k2jL4OWOQhFwHqWlmG1bGEhkM54WK3SwvZm2HSyNNWlbDiPAIuWdj0ZmN84+9sH
lWYeS/2YBKUc1t3KM4VFczd5AgMBAAGjggMQMIIDDDAdBgNVHQ4EFgQUIFYQcyy9
sNg0hH8rk6CgyrD9XfQwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MTJBMkY3L0NCNEJERDc0RjRENDExRTlCOEQ5QTE0NUM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTEyQTJGNy9DQjRCREQ3NEY0RDQxMUU5QjhEOUExNDVDNEY5QUUwMi9JRllRY3l5
OXNOZzBoSDhyazZDZ3lyRDlYZlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAhg/MCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAQxgDANBgkq
hkiG9w0BAQsFAAOCAQEAWikudCPsCoN1HEt20Ft5QYeBlMhEw45cK+3fpl3d6sss
SW8F23Aaxd4mv9+n3rbNBawWCR3/nd6OPpyB+JzEW1ZCaW4xBYLmppPBdZvClRWM
5QWPi6o8DgFAr5JOpQ8aFnudiFcg5Dy5omYSXhByxpkEb1fF/HS7lxCAqPThJVZ0
BogfYsz6VyXFSzrYs49D07c8LIyvmJkxlFxlgz/RfRqnIgrtsXI+uZwadF3bSTZG
WYeDfs22EIUa2CUOSNhbowhuJmUjw7c/cGy92UO7OOO8vkoqTi0SWeKPteyxbAaH
moW/joXeKTB7E3UNiL8bE+vw1KCxQFtnee+0MXPKJw==
-----END CERTIFICATE-----
Generated at Mon Feb 19 18:02:50 2024 by rpki-client on console-ams.rpki-client.org